Security Advisory

CVE-2020-11976

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-11 18:15:51

Last updated 2024-08-04 11:48:57

Assigner apache

State PUBLISHED

Description

By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5

← Browse all CVEs View on cve.org ↗